124 matches found
kernel: vsock: Keep the binding until socket destruction
A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...
openSUSE Security Advisory (SUSE-SU-2024:4411-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : kernel (RHSA-2024:10262)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:10262 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: improper input validation may...
CVE-2024-11403 Out of Bounds Memory Read/Write in libjxl
There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds in the presence o...
OpenEXR: Heap Overflow in Scanline Deep Data Parsing
A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...
OpenEXR: Heap Overflow in Scanline Deep Data Parsing
A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...
PT-2024-36792 · Longse · Longse Model Lbh30Fe200W
Name of the Vulnerable Software and Affected Versions: Longse model LBH30FE200W cameras affected versions not specified Description: The issue allows an attacker in the same local network to access an undocumented binary service CoolView on one of the ports, providing unrestricted access. With...
Longse LBH30FE200W Security Breach
The Longse LBH30FE200W is a wireless webcam from China-based Longse Technology Longse. A security vulnerability exists in the Longse LBH30FE200W that stems from the related product providing an attacker located in the same local network with unrestricted access to an undocumented binary service,...
RHEL 7 : dpdk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dpdk: Information exposure in unchecked guest physical to host virtual address translations CVE-2018-1059...
CVE-2023-24590
A format string issue in the Controller 6000's optional diagnostic web interface can be used to write/read from memory, and in some instances crash the Controller 6000 leading to a Denial of Service. This issue affects: Gallagher Controller 6000 8.60 prior to vCR8.60.231116a distributed in...
postgresql: Buffer overrun from integer overflow in array modification
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing...
CVE-2023-47304
An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...
CVE-2023-47304
An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows local attackers to bypass UART authentication controls and read/write arbitrary values to the memory of the device...
Vonage Box Telephone Adapter VDV23 Security Vulnerability
Vonage Box Telephone Adapter VDV23 is a telephone adapter from Vonage USA. A security vulnerability exists in the Vonage Box Telephone Adapter VDV23, version VDV21-3.2.11-0.5.1, which originated from a vulnerability that allows a local attacker to bypass UART authentication and read or write...
UBUNTU-CVE-2020-19726
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service...
UBUNTU-CVE-2023-2163
Incorrect verifier pruning in BPF in Linux Kernel =5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape...
CVE-2023-25518
NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of...
CVE-2023-34341
AMI BMC contains a vulnerability in the SPX REST API, where an attacker with the required privileges can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure, or data tampering...
EulerOS Virtualization 2.11.0 : httpd (EulerOS-SA-2023-2123)
According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location...
httpd: mod_dav: out-of-bounds read/write of zero byte
A flaw was found in the moddav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service...